Limit Office 365 Telemetry with this undocumented setting
Office 365, just like Microsoft Windows, Microsoft Office and other Microsoft products collect and submit telemetry data to Microsoft servers by default. Only a few options to limit data collection are provided to most users of Windows and other Microsoft products; Enterprise customers do get more options.
When it comes to Office 365, there is an undocumented setting that administrators may set on Windows devices to limit telemetry.
The setting was revealed by Aleksandar Milenkoski on Twitter. Milenkoski analyzed telemetry in Microsoft Office and published a report about his findings for the German Federal Office for Information Security. The English version of the report is available as a PDF document that you can download / view with a click on this link.
It includes a treasure trove of information about telemetry in Office, including an entire chapter on disabling the output of diagnostic data. The chapter lists Microsoft endpoint servers that telemetry data is submitted to and an undocumented Registry setting that will limit telemetry when enabled.
Here is what needs to be done:
- Use Windows-R to open the run box on the Windows system.
- Type regedit.exe and click OK to load the Registry Editor.
- Confirm the UAC prompt if it is displayed.
- Go to HKEY_CURRENT_USER\Software\Policies\Microsoft\office\
- Create missing keys by right-clicking on the previous key and selecting New > Key. Name them according to the path information.
- Right-click on clienttelemetry and select New > Dword (32-bit) Value.
- Name it DisableTelemetry.
- Set its value to 1 to disable some of the data collecting that goes on normally.
Setting the registry value HKEY_CURRENT_USER\Software\Policies\Microsoft\office\
common\clienttelemetry\DisableTelemetry to 1 disables the Aria and Nexus Office telemetry
modules (see Section 2). For example, if DisableTelemetry is set to 1, Office applications do not load the
MSOARIANEXT.dll library file, which implements Aria (see Section 2.1)
He goes on to note that the setting does not impact Office functionality. Not all data collecting is disabled when the Registry value is set to 1.
However, it disables the output of diagnostic data only from the Aria and Nexus Office telemetry modules. It
does not disable, for example, the output of diagnostic data produced by connected experiences, sent to
Microsoft by Windows telemetry modules (see Section 2). For example, when DisableTelemetry is set to
1, OLE32 Extensions for Win32 still sends diagnostic events to
hubblecontent.osi.office.net/contentsvc/api/telemetry when a user uses the Insert Icon
connected experience in Word.
The undocumented Registry setting cannot be configured using the Group Policy editor. Milenkoski lists policies that are relevant for limited telemetry as well in the document.
Now You: which Office application do you use? (via Ask Woody)
This is why I use older versions of all Microsoft products.
As much as I’d like to switch to LibreOffice, my limited experience with Base is holding me back.
Martin, thank you for posting this.
And thank you Dr. Aleksandar Milenkoski for the research.
Well done to you both!
Love the final paragraph:
“There is no known central configuration setting that disables all telemetry modules. There is also no such setting that configures Office to stop producing diagnostic events. Fully disabling the output of diagnostic data produced by Office requires the application of a combination of approaches.”
And the revelation that by changing the Group Policy Editor to “neither” doesn’t stop Office from implementing a configuration “such that ‘no diagnostic data about Office client software running on the user’s device is sent to Microsoft.'”
Wow! My guess is that even if a user implements a “combination of approaches,” the settings will soon revert to their originals.
Serious question: what does Microsoft gain from all this incessant telemetry?
They sell them. Microsoft has recently sued for sharing Office 365 user data with Facebook.
So they can remove YOU from the equation
Telemetry here, telemetry there, telemetry everywhere. Everyone uses it ‘for your benefit’.
My son’s Dell CPU was constantly running at 20% and higher. Dell telemetry off. Problem solved.
In addition to all the privacy issues, all this telemetry undoubtedly has a very real cost in energy consumption and environmental damage.
I don’t use or recommend any software that has telemetry that cannot be disabled. This includes all recent versions of MS Office and Windows 10.
Aaaaand next patch tuesday will include a patch which removes that registry setting. Because F U little pi**-ant users, that’s why.
New location is Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ClientTelemetry
Wouldn’t something like privatewin10 help with its “tweak guard” and “Rule guard” to prevent and/or re-enable changes to its tweaks when undone by windows or office.
It seems like a reasonable software but I haven’t done and audit on it, reviewed it or used it extensively. Perhaps Martin will look at it or if someone knows something about it I don’t that makes it any less useful than other similar software or why it isn’t a raging success because by the looks of it on the surface it looks pretty interesting for what it offers.
MS has not acted on my incessant issue of Outlook and Word locking up requiring and “End Task”. But I keep sending feedback and telems.
pi hole. its like domain raid. kills telemetry dead.
Thanks Martin for this useful info!
This weekend I will test this reg mod with Office 2016, just to see if temp folder is filled with useless logs, but my main concerns are with unwanted startup connections to skype (uninstalled, but still see blocked connection attempts when opening Excel) and other M$ cdn’s and datagrabbin’ websites.
Meanwhile I’m testing latest LO xml filtering, if Calc fit my needs I will dump M$ bloatware. (freedom!)
I used the ping command at the cmd prompt (as admin) using the prod.hubblecontent.osi.office.net reference and it gave me prod.hubblecontent.osi.office.net.akadns.net (184.108.40.206) – you can block that address through Windows Defender Firewall and/or your hosts file (at C:\Windows\System32\drivers\etc\hosts
p.s. – Thanks for your efforts here, Martin.
Windows 11 location:
Telemetry = new age computer viruses. In this case Microsoft polymorph virus.
Time ago programmers programmed and made useful software. Nowadays big percent coding, not programming, and lazyness is so high for feedback, telemetry options need. Big corps using feedback, telemetry to hide behind with data stealing, selling. It’s easy to catch who is who. Just look websites around. There aren’t options to cancel cookies. Shopify is one of… who’s clearly stealing data, with or without cookies settings blocked.
Next question is why? To defend billionaires, pedophile network, money laundering from normal people? To restrict knowledge growing and sharing between? Are they fear from us? What’s goal of this?
Oftopic question. Hardware are so powerful. Why we can’t run simple 8-bit or 16-bit software on 64-bit machine? There are no reason not running.